张甲-清华大学网络科学与网络空间研究院

研究概况

网络安全测量：针对DNS、CDN等互联网关键基础设施，研究有效的安全测量方法；针对DNS域名依赖问题，发现了其中混乱的依赖关系以及可能的安全风险；通过测量DNS相关扩展项的支持能力，对全球DNS对CDN的调度精准度等进行了分析评估；针对CDN系统的滥用问题进行了全球的测量与分析，发现部分问题几乎涵盖所有知名CDN厂商，相关研究成果得到了产业界的高度重视。

网络异常检测：针对当前加密恶意流量日益增多，研究基于人工智能算法的加密恶意流量分析方法，通过长期积累的多维特征向量以及优化的机器学习算法，可以有效面对TLS等加密流量发现其中的一场行为；相关研究成果已经在知名网络企业进行了产品落地。

协议漏洞挖掘：针对DNS、HTTP、SMTP等关键互联网协议，研究协议漏洞的机理问题；通过人工分析与自动化测试相结合的方法，发现了针对各类主流互联网协议的重要安全问题。部分协议漏洞涵盖多个知名厂商，多个国家和地区的应急响应组织对我们公布的安全漏洞提出了预警。

学术成果

会议论文：

[1] Weizhong Li, Kaiwen Shen, Run Guo, Baojun Liu, Jia Zhang*, Haixin Duan*, Shuang Hao, Xiarun Chen, Yao Wang, CDN Backfired: Amplification Attacks Based on HTTP Range Requests, In the 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2020), VALÈNCIA, SPAIN, 29th June - 2th July, 2020 (会议最佳论文),

[2] Run Guo, Weizhong Li, Baojun Liu, Shuang Hao, Jia Zhang*, Haixin Duan*, Kaiwen Shen, Jianjun Chen, Ying Liu, CDN Judo: Breaking the CDN DoS Protection with Itself, In the 2020 Network and Distributed System Security Symposium (NDSS 2020), San Diego, CA, USA, Feb 2020

[3] Run Guo, Jianjun Chen, Baojun Liu, Jia Zhang*, Chao Zhang*, Haixin Duan, Tao Wan, Jian Jiang, Shuang Hao, Yaoqi Jia, Abusing CDNs for Fun and Profit: Security Issues in CDNs’ Origin Validation, In the 37th IEEE International Symposium on Reliable Distributed Systems (SRDS 2018), Bahia, Brazil, Oct 2018

[4] Mingming Zhang, Baojun Liu, Chaoyi Lu, Jia Zhang*, Shuang Hao, Haixin Duan, Measuring Privacy Threats in China-Wide Mobile Networks, In the 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI 2018), 2018

[5] Jian Jiang, Jia Zhang*, Haixin Duan, Kang Li, Wu Liu, Analysis and Measurement of Zone Dependency in the Domain Name System, In 2018 IEEE International Conference on Communications (ICC 2018), Kansas, USA, 2018

[6] Jia Zhang, Haixin Duan, Wu Liu, Xingkun Yao, How to notify a vulnerability to the right person? Case study: in an ISP scope, In 2017 IEEE Global Communications Conference (Globecom 2017), Singapore, 2017

[7] Jia Zhang，Haixin Duan，Wu Liu, Analysis of Anonymity in P2P Anonymous Communication Systems, In the 24th IEEE International Conference on Advanced Information Networking and Applications Workshops (WAINA 2010), Perth, Australia, 20-13 April 2010.

[8] A light-weighted extension of anonymous communications in IPv6 Network, Jia Zhang, Haixin Duan, Wu Liu, Jianping Wu, In 2010 International Conference on Green Circuits and Systems (ICGCS 2010), Shanghai, China, 2010

[9] Jia Zhang, Haixin Duan, Lanjia Wang, Yuntao Guan, Jianping Wu, A Fast Method of Signature Generation for Polymorphic Worms, In 2008 International Conference on Computer and Electrical Engineering (ICCEE 2008), Thailand, 2008

[10] Jia Zhang, Haixin Duan, Jianping Wu, A Novel Method to Prevent Traffic Analysis in Low-Latency Anonymous Communication Systems, In 2008 International Conference on Computer and Electrical Engineering (ICCEE 2008), Thailand, 2008

[11] Jia Zhang, Yuantao Guan, Xiaoxin Jiang, Haixin Duan, Jianping Wu, AMCAS: An Automatic Malicious Code Analysis System, In 2008 International Conference on Web-Age Information Management (WAIM 2008), Zhangjiajie, China, 2008

期刊论文：

[1] Jia Zhang*, Haixin Duan, Jian Jiang, Jinjin Liang, Jianping Wu, Finding the best answer: measuring the optimization of public and authoritative DNS, Sci China Inf Sci, vol.62, No.3, 2019

[2] 冷春莹, 陆超逸, 张甲*, 段海新, EDU.CN子域名异常解析现象测量, 通信学报, 2018.9, 39(Z1): 99~103

[3] 王郁, 张一铭, 张甲*, 段海新, 教育类官网推广感染研究, 通信学报, 2018.9, 39(Z1): 78~85

[4] Jia Zhang*, Haixin Duan, Wu Liu, Jianping Wu, Anonymity analysis of P2P anonymous communication systems, Computer Communications, 2011.1, 34(1): 358~366

[5] 张甲, 段海新, 吴建平, IPv6环境下匿名通信系统的设计与实现, 清华学报(自然科学版), 2011.1, (1): 63~67

[6] Jia Zhang*, Haixin Duan, Wu Liu, Jianping Wu, WindTalker: A P2P-Based Low-Latency Anonymous Communication Network, IEICE Trans. Commun., 2009.10.1, E92-B(10)

[7] 张甲, 段海新, 葛连升, 基于事件序列的蠕虫网络行为分析算法, 山东大学学报(理学版), 2007.9, (9): 36~40